You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ignite.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2017/07/04 20:39:00 UTC

[jira] [Commented] (IGNITE-2344) WebSessionFilter doesn't support session ID renewal

    [ https://issues.apache.org/jira/browse/IGNITE-2344?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16074066#comment-16074066 ] 

ASF GitHub Bot commented on IGNITE-2344:
----------------------------------------

Github user samaitra closed the pull request at:

    https://github.com/apache/ignite/pull/887


> WebSessionFilter doesn't support session ID renewal
> ---------------------------------------------------
>
>                 Key: IGNITE-2344
>                 URL: https://issues.apache.org/jira/browse/IGNITE-2344
>             Project: Ignite
>          Issue Type: Bug
>          Components: general
>    Affects Versions: ignite-1.4
>            Reporter: Denis Magda
>            Assignee: Saikat Maitra
>             Fix For: 1.7
>
>
> It's quite a common scenario to update a session ID after a user successfully logged in preserving the session content for further usage.
> Ignite's {{WebSessionFilter}} doesn't support such a use case creating a session from scratch.
> To support this behavior we can store a special Cookie that will hold latest session ID. When a session is passed to {{WebSessionFilter}} and the filter detects that this is a fresh session it will check the Cookie in advance. If the Cookie exists and holds an old session ID then the filter will be able to get a session content from the cache using the old ID and put it back using the new ID.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)